Research, development and trades concerning the powerful Proxmark3 device.
Hello, sorry, I am new to this community. I read some threads about how to retrieve plain text from cipher-text after authentication.
But when I compute k4 to decrypt, I get a different message from what I expect.
R --> T 26
T --> R 04 00
R --> T 93 20
T --> R 2a 69 8d 43 8d
R --> T 93 70 2a 69 8d 43 8d
T --> R 08 b6 dd
R --> T 60 04 d1 3d
T --> R 3b ae 03 2d
R --> T c4 94 a1 d2 6e 96 86 42
T --> R 84 66 05 9e
R --> T 7d de a6 b3
T --> R e7 ee e3 ab 0f 89 bb ed 44 b1 91 ce ef 8a 4d ce
I got:
Keystream used to generate {ar} and {at}:
ks2: 1159b281
ks3: 02fbbe4b
Found Key: [ffffffffffff]
I am trying to decrypt: 7d de a6 b3 that should be: 30 04 cd d1.
I did:
enc = 7d de a6 b3; (message encrypted)
I compute Ks4 as: k4 = enc ^ prng_successor(nt, 128);
ks4: ffa08ef5
And then
7d de a6 b3 XOR ffa08ef5 = 82 7E 28 44
Where am I wrong?
I hope I did not duplicate another thread but I did find the answer.
Thank you very much.
Offline
Studying deeper and reading a thread in this forum, I get that I was computing ks4 in the wrong way.
Now I should be computing it correctly (ks4 = crypto1_word(revstate,0,0);), getting ks4 = 61652568. But if I use the XOR operator the plain text is wrong. Where am I wrong? Thanks, bye.
Offline
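Why the formula `enc ^ prng_successor(nt, 128)` from the first post cannot give ks4, as an added example that is not part of the original posts and is not crapto1 code: XORing against a PRNG successor recovers keystream only where the plaintext is a PRNG successor, which holds for {ar} (suc64(nt)) and {at} (suc96(nt)) and reproduces the ks2 and ks3 values quoted above, but not for the command that follows. The names `suc`, `crc_a`, `frame_ok` and `naive_ks4` are chosen for this example, and the CRC_A test is an assumed sanity check for a decrypted 4-byte frame.

```c
#include <stdint.h>
#include <stdio.h>
/* Values copied from the trace in the first post. */
#define NT      0x3bae032du /* tag nonce */
#define AR_ENC  0x6e968642u /* {ar}: last 4 bytes of the reader's 8-byte answer */
#define AT_ENC  0x8466059eu /* {at}: tag's encrypted answer */
#define CMD_ENC 0x7ddea6b3u /* first encrypted frame after authentication */

static uint32_t bswap32(uint32_t v) {
    return (v >> 24) | ((v >> 8) & 0xff00u) | ((v << 8) & 0xff0000u) | (v << 24);
}

/* Tag PRNG: 16-bit LFSR, x^16 + x^14 + x^13 + x^11 + 1. Returns the 32-bit
 * word seen n bit-times after nonce x (nonces are in wire byte order). */
uint32_t suc(uint32_t x, unsigned n) {
    x = bswap32(x);
    while (n--)
        x = (x >> 1) | (((x >> 16) ^ (x >> 18) ^ (x >> 19) ^ (x >> 21)) << 31);
    return bswap32(x);
}

/* ISO 14443-A CRC_A, packed in wire order: 0xd13d means bytes "d1 3d". */
uint16_t crc_a(const uint8_t *d, size_t len) {
    uint16_t crc = 0x6363;
    while (len--) {
        uint8_t b = (uint8_t)(*d++ ^ crc);
        b ^= (uint8_t)(b << 4);
        crc = (uint16_t)((crc >> 8) ^ (b << 8) ^ (b << 3) ^ (b >> 4));
    }
    return (uint16_t)((crc << 8) | (crc >> 8));
}

/* 1 if a 4-byte plaintext frame is two payload bytes followed by their CRC_A. */
int frame_ok(uint32_t f) {
    uint8_t p[2] = { (uint8_t)(f >> 24), (uint8_t)(f >> 16) };
    return crc_a(p, 2) == (uint16_t)f;
}
/* Known plaintext exists only for the handshake: ar = suc64(nt), at = suc96(nt). */
uint32_t ks2(void) { return AR_ENC ^ suc(NT, 64); }
uint32_t ks3(void) { return AT_ENC ^ suc(NT, 96); }
/* Formula from the first post: assumes the command's plaintext is suc128(nt). */
uint32_t naive_ks4(void) { return CMD_ENC ^ suc(NT, 128); }

int main(void) {
    uint32_t p = CMD_ENC ^ naive_ks4(); /* collapses back to suc128(nt) */
    printf("ks2=%08x ks3=%08x\n", (unsigned)ks2(), (unsigned)ks3());
    printf("naive plaintext=%08x crc_ok=%d\n", (unsigned)p, frame_ok(p));
    return 0;
}
```

The keystream for the command has to be produced by the cipher state that follows {at}, which is what the `crypto1_word` call in the second post is for. A 4-byte command decrypted with the right ks4 ends in a valid CRC_A, as the plaintext `60 04 d1 3d` frame in the trace does.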
To be able to read the contents in your card you have to read the block or sector, not the sniff list.
BUT the blocks are also in cipher text; I think it is in DES with CRC, and additionally they have the MAC.
To read the contents you need a master key and, depending on your card, the key of the sector.
If you have some clue, please let me know.
Offline